A small first-order DPA resistant AES implementation with no fresh randomness

1. Kocher P, Jaffe J, Jun B. Differential power analysis. In: Proceedings of Annual International Cryptology Conference, Santa Barbara, 1999. 388–397

2. Nikova S, Rechberger C, Rijmen V. Threshold implementations against side-channel attacks and glitches. In: Proceedings of International Conference on Information and Communications Security, Raleigh, 2006. 529–545

3. Gross H, Mangard S, Korak T. Domain-oriented masking: compact masked hardware implementations with arbitrary protection order. In: Proceedings of the ACM Workshop on Theory of Implementation Security, Vienna, 2016

4. Canright D. A very compact S-box for AES. In: Proceedings of International Workshop on Cryptographic Hardware and Embedded Systems, Edinburgh, 2005. 441–455

5. Chen C, Farmani M, Eisenbarth T. A tale of two shares: why two-share threshold implementation seems worthwhile — and why it is not. In: Proceedings of International Conference on the Theory and Application of Cryptology and Information Security, Hanoi, 2016. 819–843

6. Moradi A, Poschmann A, Ling S, et al. Pushing the limits: a very compact and a threshold implementation of AES. In: Proceedings of Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tallinn, 2011. 69–88

7. Wegener F, Moradi A. A first-order SCA resistant AES without fresh randomness. In: Proceedings of International Workshop on Constructive Side-Channel Analysis and Secure Design, Singapore, 2018. 245–262

8. Goodwill G, Jun B, Jaffe J, et al. A testing methodology for side-channel resistance validation. In: Proceedings of NIST Non-Invasive Attack Testing Workshop, Nara, 2011. 115–136

9. Li S, Sun S W, Li C Y, et al. Constructing low-latency involutory MDS matrices with lightweight circuits. IACR Trans Symmetric Cryptol, 2019, 1: 84–117

   Article  Google Scholar 

Download references